Subscription to the full report on a daily basis can be obtained:
Send an eMail to dhsdailyadmin@mail.dhs.osis.gov with the subject "DHS Daily Open Source Infrastructure Report" and the following line in the body...subscribe.
To obtain a complete copy of the current report proceed to the DHS link below.
To obtain reports more than 10 business days old, send an eMail to DHS_Reports@e-computer-security.com. Be specific as to the reports you wish to receive.

· A Russian national was charged February 17 in the U.S. for his alleged involvement in a scheme that stole more than 160 million credit card numbers resulting in hundreds of millions of dollars in losses to consumers and financial institutions. – Tribune Washington Bureau See item 4 below in the Financial Services Sector

· Snow removal operations in Boston continued February 18 after a series of winter storms that added additional delays and cancellations to the State’s transit system. – Boston Globe

8. February 17, Boston Globe – (Massachusetts) Cancellations, delays stack up on commuter rail. Full-scale snow removal operations in Boston continued and a parking ban in the city was expected to be lifted February 18 after the latest of a series of winter storms dumped snow that added additional delays and cancellations to the Massachusetts Bay Transportation Authority’s (MBTA) transit system, which was already providing limited service. An MBTA representative warned that it could take up to 30 days to restore full service on the public transit system. Source: https://www.bostonglobe.com/metro/2015/02/17/mbta-commuters-face-hurdles-workweek-resumes/onVl30TkQBpbP9tYSCGqrN/story.html

· A state of emergency was declared in Tennessee February 16 due to deteriorating road conditions and major traffic issues caused by a winter storm that swept across the State. – Nashville Tennessean

10. February 17, Nashville Tennessean – (Tennessee) Tennessee declares state of emergency as roads deteriorate. A state of emergency was declared in Tennessee February 16 due to deteriorating road conditions and major traffic issues caused by a winter storm that swept across the State. The Tennessee Emergency Management Agency activated its emergency management plan and the Tennessee National Guard deployed to several counties to aid with interstate crashes and perform motorist wellness checks. Source: http://www.tennessean.com/story/news/2015/02/16/tennessee-declares-state-emergency-roads-deteriorate/23534741/

· Researchers reported that a cyber-espionage group has used spear-phishing and other techniques to deliver two backdoors through 100 malware samples to infect Windows PCs and Android devices of targets based in several countries. – Securityweek See item 31 below in the Information Technology Sector

Financial Services Sector

4. February 18, Tribune Washington Bureau – (International) Accused Russian hacker to face charges in US court. A Russian national was extradited to the U.S. and charged February 17 in New Jersey for his alleged involvement in an international scheme that stole more than 160 million credit card numbers resulting in hundreds of millions of dollars in losses to consumers and financial institutions including Dow Jones, 7-Eleven, Nasdaq, Visa, and JetBlue. The suspect, arrested in the Netherlands in 2012, allegedly hacked victims’ networks to gain access to usernames and passwords, credit card and personally identifiable information, and sold them to resellers around the world. Source: http://www.msn.com/en-us/news/crime/accused-russian-hacker-to-face-charges-in-us-court/ar-BBhHvhz

7. February 16, Help Net Security – (International) Banking trojan Dyreza sends 30,000 malicious emails in one day. Bitdefender security researchers discovered that 30,000 malicious emails containing the banking trojan Dyreza were sent in one day to customers of banks including HSBC, NatWest, Barclays, RBS, Lloyds Bank, and Santander from servers in the U.K., France, Turkey, Russia, and the U.S. The trojan allows hackers to covertly steal credentials and manipulate accounts. Source: http://www.net-security.org/malware_news.php?id=2964

For another story, see item 28 below in the Information Technology Sector

Information Technology Sector

27. February 18, Softpedia – (International) Author of Android Xbot malware includes curse at AV companies. Avast security researchers discovered that the Xbot Android malware infected over 2,570 installations in 350 unique files through third-party marketplaces since the beginning of February. The malware persistently runs on infected devices, has the capability to download content to command and control (C&C) servers, and primarily focuses on capturing, reading, and writing short text messages. Source: http://news.softpedia.com/news/Author-of-Android-Xbot-Malware-Includes-Curse-At-AV-Companies-473509.shtml

28. February 18, Help Net Security – (International) Credit card info stolen in BigFish Games site compromise. BigFish Games reported that the personal and financial information of some of its customers that made purchases between December 24, 2014 and January 8 may have been compromised after the company discovered malware installed on the billing and payment pages of their Web site January 12. Affected customers were notified of the breach February 11, and the company removed the malware and has taken steps to prevent the malware from being reinstalled. Source: http://www.net-security.org/secworld.php?id=17964

30. February 17, Help Net Security – (International) Flaw in Netgear Wi-Fi routers exposes admin password, WLAN details. A network engineer discovered and notified Netgear support that certain versions of the brand’s WNDR3700v4, WNR2200, and WNR2500 home wireless routers contain a vulnerability in the embedded simple object access protocol (SOAP) service that could allow unauthenticated remote and locally-connected attackers to obtain the administrator password, device serial number, WLAN details, and various information related to clients connected to the device. Source: http://www.net-security.org/secworld.php?id=17959

31. February 17, Securityweek – (International) Arabic threat group attacking thousands of victims globally. Kaspersky Lab security researchers reported that “Desert Falcons,” the first known full-scale Arabic cyber-espionage group, has used spear-phishing and social engineering techniques to deliver two backdoors through 100 malware samples to infect Windows PCs and Android devices of targets based in Egypt, Palestine, Israel, Jordan, the U.S., and other countries for at least 2 years. The malware has full-backdoor capability as well as the capability to steal call and SMS logs in Android versions, and attackers have targeted victims from political, military, government individuals and organizations, media outlets, energy and utility providers, physical security companies, and others holding geopolitical information. Source: http://www.securityweek.com/arabic-threat-group-attacking-thousands-victims-globally

For additional stories, see items 4, 6, and 7 above in the Financial Services Sector

Communications Sector

32. February 17, Fierce Wireless – (National) T-Mobile recovers from service disruptions in the Northeast. T-Mobile service in the Northeast region of the U.S. was restored after several hours February 13 following a network disruption that resulted in intermittent service, loss of high-speed data reception, and loss of the ability to make voice calls. The cause of the outage was not disclosed. Source: http://www.fiercewireless.com/story/t-mobile-recovers-service-disruptions-northeast/2015-02-17

For another story, see item 31 above in the Information Technology Sector

About Me

U.S. Army Retired Chief Warrant Officer with more than 40 years in information technology and 35 years in information security. Became a Certified Information Systems Security Professional in 1995 and have taught computer security in Asia, Canada and the United States. Wrote a computer security column for 5 years in the 1980s titled "for the Sake Of Security", penname R. E. (Bob) Johnston, which was published in Computer Decisions.
Motto: "When entrusted to process, you are obligated to safeguard"